TRACKS
04 — Problem Domains
PICK YOUR BATTLEFIELD.
HACK'A'WAR features 4 themes, each containing multiple problem statements. Explore the themes below, dive into the problem statements, and pick the one that excites your team the most. You can tackle any single problem statement, or combine ideas from multiple problems within a theme — the choice is yours. Build something bold.
⚖️
An equal number of teams will be selected from each theme — pick based on passion, not popularity.
The Problem (Simply Put)
DevOps teams spend hours manually configuring CI/CD pipelines, debugging deployment failures, and managing infrastructure. An AI agent that understands DevOps workflows could automate routine tasks, predict failures, and suggest optimizations — turning hours of toil into minutes of oversight.
Real-World Impact
Companies lose thousands of engineering hours per year on repetitive DevOps tasks. Automated DevOps agents can reduce deployment failures by up to 60% and free engineers to focus on building features instead of fighting infrastructure.
What You'll Build
An AI-powered DevOps agent that can analyze CI/CD pipeline configurations, suggest improvements, auto-remediate common failures, and generate infrastructure-as-code from natural language descriptions.
What Success Looks Like
A working demo where the agent successfully diagnoses a pipeline failure, suggests a fix, and optionally auto-applies it. Bonus points for multi-cloud support and natural language interaction.
Getting Started Guide
Start with Amazon Bedrock for the LLM backbone. Use AWS CodePipeline or GitHub Actions as your CI/CD target. Build a simple agent loop: observe pipeline state → reason about issues → suggest/apply fixes. Use CloudWatch logs as your data source.
The Problem (Simply Put)
Cloud architecture reviews against the AWS Well-Architected Framework are time-consuming, require deep expertise across all six pillars, and are often done too late in the development cycle. An AI agent that continuously reviews architectures against best practices could catch issues early and democratize access to expert-level guidance.
Real-World Impact
Organizations that skip Well-Architected reviews often face costly rearchitecting later — sometimes 10x the cost of early fixes. Automated reviews can reduce cloud spend by 20–30% by catching over-provisioning, single points of failure, and security gaps before they reach production.
What You'll Build
An AI agent that ingests CloudFormation templates, Terraform configs, or architecture diagrams and evaluates them against the six pillars of the AWS Well-Architected Framework — Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability. It generates a prioritized list of findings with specific remediation steps.
What Success Looks Like
A working demo where the agent analyzes a sample architecture, identifies at least 5 findings across multiple pillars, and provides actionable recommendations with severity ratings. Bonus points for generating remediated IaC templates automatically.
Getting Started Guide
Use Amazon Bedrock with Claude or Titan models as the reasoning engine. Feed in the Well-Architected Framework whitepapers as context via RAG (using Amazon Bedrock Knowledge Bases). Parse IaC templates into structured representations and prompt the LLM to evaluate each pillar systematically.
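Prompting the LLM "systematically" per pillar can be as simple as generating one focused prompt for each of the six pillars, so findings stay grounded in a single pillar at a time. A minimal sketch (the prompt wording is an assumption, not a prescribed template):

```python
PILLARS = [
    "Operational Excellence", "Security", "Reliability",
    "Performance Efficiency", "Cost Optimization", "Sustainability",
]

def pillar_prompts(template_summary: str) -> dict[str, str]:
    """Build one evaluation prompt per Well-Architected pillar.
    Each prompt would be sent to the LLM as a separate request."""
    return {
        p: (
            f"Evaluate this infrastructure against the {p} pillar of the "
            f"AWS Well-Architected Framework. List findings with severity "
            f"(HIGH/MEDIUM/LOW) and a remediation step.\n\n{template_summary}"
        )
        for p in PILLARS
    }

prompts = pillar_prompts("S3 bucket with public ACL; single-AZ RDS instance")
print(len(prompts))  # 6
```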
The Problem (Simply Put)
Translating business requirements into cloud architecture proposals requires deep knowledge of hundreds of AWS services, their trade-offs, pricing models, and integration patterns. Most teams lack access to experienced solution architects, leading to suboptimal designs that are expensive to fix later.
Real-World Impact
Startups and mid-size companies often over-engineer or under-engineer their cloud architectures due to limited expertise. An AI solution architect could reduce initial architecture design time from weeks to hours and prevent costly mistakes that typically surface 6–12 months into production.
What You'll Build
An AI agent that takes natural language business requirements as input and generates complete cloud architecture proposals — including architecture diagrams, service selections with justifications, cost estimates using AWS Pricing APIs, and step-by-step implementation guides.
What Success Looks Like
A working demo where the agent takes a business scenario (e.g., "Build a real-time analytics platform for 10M events/day"), generates an architecture diagram, lists recommended AWS services with rationale, and provides a monthly cost estimate. Bonus points for comparing multiple architecture options.
Getting Started Guide
Use Amazon Bedrock for the LLM backbone. Build a knowledge base from AWS architecture reference docs and service documentation. Use the AWS Pricing API for cost estimates. Consider generating diagrams using Mermaid or D2 syntax that the LLM can produce natively.
The Problem (Simply Put)
Organizations using multiple LLMs face a constant trade-off between quality, cost, and speed. Simple queries get routed to expensive frontier models, while complex tasks sometimes hit lightweight models that produce poor results. There is no intelligent middleware that matches prompts to the right model automatically.
Real-World Impact
Companies running LLM workloads at scale report that 40–60% of their API spend goes to over-qualified models handling simple tasks. Intelligent routing can cut LLM costs by 50% or more while maintaining or improving response quality by matching task complexity to model capability.
What You'll Build
A prompt routing system that analyzes incoming prompts for complexity, domain, required capabilities (code generation, reasoning, summarization), and latency requirements, then routes each request to the optimal LLM from a pool of available models on Amazon Bedrock — balancing quality, cost, and speed.
What Success Looks Like
A working demo that routes a diverse set of prompts (simple Q&A, code generation, complex reasoning, creative writing) to different models and demonstrates measurable cost savings compared to always using the most expensive model, without significant quality degradation.
Getting Started Guide
Use Amazon Bedrock to access multiple models (Claude, Titan, Llama, Mistral). Build a lightweight classifier that scores prompt complexity using features like token count, question type, and domain keywords. Start with rule-based routing, then enhance with a small ML model trained on prompt-quality pairs.
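The rule-based starting point can be sketched as a classifier plus a routing table. The feature keywords and the model names in `ROUTES` are placeholders, not real Bedrock model IDs; swap in actual model IDs and a learned classifier later.

```python
def classify(prompt: str) -> str:
    """Crude complexity scoring from surface features: code markers,
    length, and reasoning keywords. A learned model would replace this."""
    words = prompt.split()
    lowered = prompt.lower()
    if any(k in lowered for k in ("def ", "class ", "function", "```")):
        return "code"
    if len(words) > 80 or any(k in lowered for k in ("prove", "step by step", "analyze")):
        return "complex"
    return "simple"

# Hypothetical model pool; real Bedrock model IDs would go here.
ROUTES = {
    "simple": "small-fast-model",
    "code": "code-capable-model",
    "complex": "frontier-model",
}

def route(prompt: str) -> str:
    return ROUTES[classify(prompt)]

print(route("What is the capital of France?"))  # small-fast-model
```

Logging every (prompt, route, quality) triple from day one gives you the training data for the ML upgrade.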
The Problem (Simply Put)
Security reviews of code, infrastructure configurations, and IAM policies are bottlenecked by the limited availability of security engineers. Pull requests wait days for security sign-off, IAM policies are overly permissive because "it works," and infrastructure misconfigurations slip through to production unnoticed.
Real-World Impact
Over 80% of cloud breaches stem from misconfigurations, not sophisticated attacks. The average cost of a data breach exceeds $4 million. Automated security review agents can catch common vulnerabilities in seconds rather than days, dramatically reducing the window of exposure.
What You'll Build
An AI agent that performs automated security reviews across three domains: application code (detecting injection flaws, hardcoded secrets, insecure dependencies), infrastructure configs (CloudFormation/Terraform misconfigurations, open security groups), and IAM policies (overly permissive roles, unused permissions, privilege escalation paths).
What Success Looks Like
A working demo where the agent scans a sample repository or IaC template, identifies real vulnerabilities (e.g., an S3 bucket with public access, an IAM role with admin privileges, hardcoded API keys), and suggests specific fixes with severity ratings. Bonus points for auto-generating remediated code.
Getting Started Guide
Use Amazon Bedrock for the LLM reasoning layer. Feed in AWS security best practices and CIS benchmarks as context via RAG. Parse code and configs into structured formats before analysis. Use IAM Access Analyzer APIs for policy evaluation and combine LLM insights with rule-based checks for higher accuracy.
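The rule-based half of that hybrid can start as a couple of regex checks, with LLM analysis layered on top for anything the rules miss. The patterns below are deliberately simple sketches; production scanners use far richer rule sets.

```python
import re

# Illustrative rules only: a hardcoded-credential pattern and the
# classic "open to the world" CIDR in a security group.
SECRET_RE = re.compile(
    r"(?i)(aws_secret_access_key|api[_-]?key|password)\s*[:=]\s*['\"][^'\"]+['\"]"
)
OPEN_CIDR_RE = re.compile(r"0\.0\.0\.0/0")

def scan(text: str) -> list[str]:
    findings = []
    if SECRET_RE.search(text):
        findings.append("HIGH: possible hardcoded secret")
    if OPEN_CIDR_RE.search(text):
        findings.append("HIGH: security group open to the world (0.0.0.0/0)")
    return findings

sample = 'api_key = "sk-123"\ncidr_blocks = ["0.0.0.0/0"]'
print(scan(sample))
```

Rules give you precision on known patterns; the LLM adds recall on novel ones, and agreement between the two is a strong severity signal.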
The Problem (Simply Put)
Technical debt accumulates silently in every codebase — duplicated logic, outdated dependencies, tightly coupled modules, missing tests, and abandoned feature flags. Engineering teams know it exists but struggle to quantify it, prioritize it, or make a business case for paying it down.
Real-World Impact
Studies show that developers spend 33% of their time dealing with technical debt. For a 50-person engineering team, that translates to roughly $5 million per year in lost productivity. Quantifying debt in business terms helps leadership allocate dedicated remediation sprints.
What You'll Build
An AI-powered tool that scans codebases to identify, categorize, and quantify technical debt. It analyzes code complexity, dependency health, test coverage gaps, code duplication, and architectural anti-patterns, then produces a prioritized remediation roadmap with estimated effort and business impact for each item.
What Success Looks Like
A working demo where the tool scans a sample repository, generates a technical debt report with categories (code quality, dependency risk, architecture, testing), assigns severity and estimated remediation effort to each finding, and produces a prioritized action plan. Bonus points for tracking debt trends over time.
Getting Started Guide
Use Amazon Bedrock for code analysis and natural language report generation. Combine LLM analysis with static analysis tools (complexity metrics, dependency scanners) for accuracy. Use Amazon CodeGuru for code quality insights. Store findings in DynamoDB and build a simple dashboard to visualize debt categories and trends.
The Problem (Simply Put)
Organizations migrating from GCP to AWS face a complex mapping challenge — translating GCP services, networking configurations, IAM models, and deployment patterns into their AWS equivalents. Manual migration planning is slow, error-prone, and requires deep expertise in both cloud platforms.
Real-World Impact
Cloud-to-cloud migrations typically take 6–18 months and cost millions in consulting fees. An AI-powered accelerator can reduce planning time by 70% and catch compatibility issues before they become expensive production problems, helping AWS partners win more migration deals.
What You'll Build
An AI tool that analyzes GCP infrastructure and generates equivalent AWS architecture proposals with migration runbooks. It maps GCP services to AWS counterparts, identifies gaps, estimates costs, and produces step-by-step migration plans that partners can execute.
What Success Looks Like
A working demo where the tool ingests a GCP architecture description, generates an equivalent AWS architecture with service mappings, highlights potential migration risks, and produces a runbook with prioritized migration steps. Bonus points for cost comparison between the two environments.
Getting Started Guide
Use Amazon Bedrock for the LLM backbone. Build a knowledge base mapping GCP services to AWS equivalents. Parse GCP configurations (Deployment Manager, Terraform) and generate AWS CloudFormation or Terraform outputs. Use AWS Migration Hub for tracking and AWS Pricing API for cost estimates.
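The service-mapping knowledge base can begin as a plain lookup table, with unmapped services surfaced as explicit gaps for the LLM or a human architect to resolve. The mapping below is an illustrative subset, not an authoritative equivalence table.

```python
# Illustrative subset of a GCP -> AWS service mapping knowledge base.
SERVICE_MAP = {
    "Cloud Storage": "Amazon S3",
    "Compute Engine": "Amazon EC2",
    "Cloud Functions": "AWS Lambda",
    "Cloud SQL": "Amazon RDS",
    "Pub/Sub": "Amazon SNS/SQS (or Amazon EventBridge)",
    "BigQuery": "Amazon Redshift (or Amazon Athena)",
}

def map_services(gcp_services: list[str]) -> dict[str, str]:
    """Map each GCP service to an AWS counterpart; anything unmapped
    is flagged as a gap rather than silently guessed."""
    return {s: SERVICE_MAP.get(s, "GAP: needs manual review") for s in gcp_services}

print(map_services(["Cloud Storage", "Anthos"]))
```

Making gaps explicit is what separates a useful accelerator from a risky one: the runbook should never hide an unresolved mapping.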
The Problem (Simply Put)
Organizations that built LLM applications on other providers (OpenAI, Google Vertex AI, Azure OpenAI) face significant friction migrating to Amazon Bedrock. Prompts need rewriting, model behaviors differ, API interfaces change, and performance benchmarks must be re-established — making migration feel risky and expensive.
Real-World Impact
Vendor lock-in on LLM platforms costs organizations flexibility and negotiating power. A migration factory that automates prompt translation and model mapping can reduce LLM migration timelines from months to weeks, helping organizations diversify their AI infrastructure and optimize costs.
What You'll Build
A system that helps organizations migrate their LLM workloads from other providers to Amazon Bedrock, handling prompt translation, model mapping, and performance benchmarking. It analyzes existing prompts, suggests equivalent Bedrock models, adapts prompt formats, and runs comparative evaluations.
What Success Looks Like
A working demo where the tool takes prompts designed for another LLM provider, automatically translates them for Amazon Bedrock models, runs both versions, and produces a comparison report showing quality, latency, and cost differences. Bonus points for batch migration of prompt libraries.
Getting Started Guide
Use Amazon Bedrock to access multiple foundation models. Build a prompt translation layer that maps provider-specific features (system prompts, function calling, JSON mode) to Bedrock equivalents. Use Bedrock's model evaluation features for benchmarking. Store migration results in DynamoDB for tracking.
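The translation layer's core move is reshaping chat payloads: OpenAI-style message lists carry the system prompt inline, while Bedrock's Converse API takes system text in a separate field and wraps content in blocks. A minimal sketch of that transform (tool calls, images, and JSON mode each need their own mapping rules and are omitted here):

```python
def to_converse(openai_messages: list[dict]) -> dict:
    """Translate OpenAI-style chat messages into a Bedrock
    Converse-style payload: system prompts move to a separate
    field and content strings become content-block lists."""
    system = [{"text": m["content"]}
              for m in openai_messages if m["role"] == "system"]
    messages = [
        {"role": m["role"], "content": [{"text": m["content"]}]}
        for m in openai_messages if m["role"] in ("user", "assistant")
    ]
    return {"system": system, "messages": messages}

payload = to_converse([
    {"role": "system", "content": "You are terse."},
    {"role": "user", "content": "Summarize RAG in one line."},
])
print(payload["system"][0]["text"])  # You are terse.
```

Running the original and translated prompts side by side, as the demo requires, then becomes a loop over this transform plus two model calls.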
The Problem (Simply Put)
AWS cloud spending is notoriously difficult to manage. Teams spin up resources and forget about them, reserved instances go unpurchased, and right-sizing recommendations pile up unactioned. Finance teams lack the technical context to optimize, and engineering teams lack the time.
Real-World Impact
Studies show that 30–35% of cloud spend is wasted. For a company spending $1M/month on AWS, that is $300K–$350K in potential savings. An AI-powered FinOps tool that continuously monitors and auto-optimizes can recover significant spend without requiring dedicated FinOps engineers.
What You'll Build
An AI-powered financial operations tool that continuously monitors AWS spending, identifies optimization opportunities, and auto-implements cost-saving measures like reserved instance purchases, right-sizing recommendations, and idle resource cleanup. It provides natural language explanations of spending trends and savings actions.
What Success Looks Like
A working demo where the tool analyzes an AWS account's cost data, identifies at least 3 optimization opportunities with estimated savings, and demonstrates auto-remediation for at least one (e.g., stopping an idle instance, recommending a reserved instance purchase). Bonus points for natural language cost reports.
Getting Started Guide
Use AWS Cost Explorer API and AWS Cost and Usage Reports as data sources. Use Amazon Bedrock for natural language analysis and recommendation generation. Leverage AWS Compute Optimizer for right-sizing data. Build an agent loop that monitors → analyzes → recommends → optionally auto-applies optimizations.
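The "analyze" step of that loop can be prototyped on sample data before wiring in Cost Explorer. The records below are hypothetical; in practice the CPU averages would come from CloudWatch metrics and the costs from Cost Explorer.

```python
# Hypothetical utilization records standing in for CloudWatch +
# Cost Explorer data.
instances = [
    {"id": "i-0a", "avg_cpu_pct": 2.1, "monthly_cost": 140.0},
    {"id": "i-0b", "avg_cpu_pct": 61.0, "monthly_cost": 290.0},
    {"id": "i-0c", "avg_cpu_pct": 0.4, "monthly_cost": 75.0},
]

def idle_candidates(instances, cpu_threshold=5.0):
    """Flag likely-idle instances and total the potential savings."""
    idle = [i for i in instances if i["avg_cpu_pct"] < cpu_threshold]
    savings = sum(i["monthly_cost"] for i in idle)
    return idle, savings

idle, savings = idle_candidates(instances)
print([i["id"] for i in idle], savings)  # ['i-0a', 'i-0c'] 215.0
```

Each flagged instance becomes a recommendation the agent can explain in natural language and, with approval, auto-apply.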
The Problem (Simply Put)
Large-scale cloud migrations involve hundreds of applications with complex interdependencies. Planning which applications to migrate together (waves), in what order, and with what strategy (rehost, replatform, refactor) is a massive coordination challenge that typically requires expensive consultants and months of analysis.
Real-World Impact
Poorly planned migration waves lead to broken dependencies, extended downtime, and budget overruns. Organizations that get wave planning right can reduce migration timelines by 40% and avoid costly rollbacks. AI-driven planning can democratize access to migration expertise.
What You'll Build
An AI agent that analyzes on-premises application portfolios and generates optimized migration wave plans, considering dependencies, risk, and business priority. It ingests application metadata, maps dependencies, scores migration complexity, and produces a phased migration roadmap.
What Success Looks Like
A working demo where the agent takes an application portfolio (with dependencies and metadata), generates a wave plan with 3–5 waves, explains the rationale for grouping decisions, and highlights high-risk applications that need special attention. Bonus points for visual dependency graphs and timeline estimates.
Getting Started Guide
Use Amazon Bedrock for the reasoning engine. Model application portfolios as graphs with dependency edges. Use AWS Migration Hub and AWS Application Discovery Service for data ingestion patterns. Apply graph algorithms for dependency analysis and LLM reasoning for migration strategy recommendations.
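The graph-algorithm half is standard library material: topological sorting over the dependency graph yields natural waves, where every app in a wave depends only on earlier waves. The portfolio below is hypothetical; the LLM layer would then reason about risk and strategy within each wave.

```python
from graphlib import TopologicalSorter

# Hypothetical portfolio: app -> the apps it depends on. An app should
# migrate after (or together with) its dependencies.
deps = {
    "web-frontend": {"auth-service", "orders-api"},
    "orders-api": {"inventory-db"},
    "auth-service": set(),
    "inventory-db": set(),
}

def wave_plan(deps: dict[str, set[str]]) -> list[list[str]]:
    """Group apps into migration waves using topological ordering."""
    ts = TopologicalSorter(deps)
    ts.prepare()
    waves = []
    while ts.is_active():
        ready = sorted(ts.get_ready())  # all deps already migrated
        waves.append(ready)
        ts.done(*ready)
    return waves

print(wave_plan(deps))
# [['auth-service', 'inventory-db'], ['orders-api'], ['web-frontend']]
```

`prepare()` also raises on dependency cycles, which is exactly the high-risk case the plan should surface for special attention.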
The Problem (Simply Put)
Sales teams waste up to 50% of their time on unqualified leads. SDRs make hundreds of calls daily, asking the same discovery questions, only to find that most prospects aren't a fit. A voice AI agent that handles initial qualification calls can filter leads intelligently, asking the right questions and scoring prospects before a human ever picks up the phone.
Real-World Impact
Companies with high-volume inbound leads report that only 10–15% are truly sales-ready. By automating initial qualification, sales reps can focus exclusively on high-intent prospects, increasing conversion rates by 30–40% and reducing cost-per-acquisition significantly.
What You'll Build
A voice AI agent that conducts initial sales qualification calls, asking discovery questions based on configurable qualification frameworks (BANT, MEDDIC, CHAMP). It scores leads in real-time, captures key information, and routes qualified prospects to the appropriate human sales rep with a full conversation summary.
What Success Looks Like
A working demo where the voice agent conducts a natural qualification call, asks relevant discovery questions, handles objections gracefully, scores the lead, and produces a structured handoff report for the sales team. Bonus points for CRM integration and multi-turn conversation handling.
Getting Started Guide
Use Amazon Connect for telephony and call handling. Use Amazon Bedrock for conversational reasoning and lead scoring logic. Leverage Amazon Transcribe for speech-to-text and Amazon Polly for text-to-speech. Build a state machine that guides the conversation through qualification stages.
The Problem (Simply Put)
Debt collection is one of the most sensitive and heavily regulated areas of customer communication. Human agents burn out quickly, compliance violations are costly, and many debtors avoid calls entirely. A voice AI agent that handles collections with empathy and strict regulatory compliance can improve recovery rates while reducing legal risk.
Real-World Impact
The collections industry recovers only 20–30% of outstanding debts on average. Compliance violations under FDCPA and similar regulations can result in fines of $1,000+ per incident. An AI agent that never forgets a disclosure requirement and adapts its tone to each debtor can improve recovery rates by 15–25% while sharply reducing compliance risk.
What You'll Build
A voice AI agent that handles outbound debt collection calls with empathy and full regulatory compliance. It delivers required disclosures, negotiates payment plans, processes payments, and escalates to human agents when conversations become complex or emotionally charged — all while maintaining detailed audit trails.
What Success Looks Like
A working demo where the agent conducts a compliant collections call, delivers all required disclosures, negotiates a payment arrangement, and generates a compliance audit log. Bonus points for sentiment detection that triggers human escalation and multi-language support.
Getting Started Guide
Use Amazon Connect for telephony. Use Amazon Bedrock for conversational AI with guardrails to enforce compliance rules. Leverage Amazon Comprehend for sentiment analysis during calls. Build a compliance rule engine that ensures all required disclosures are delivered and prohibited phrases are never used.
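The compliance rule engine reduces to two checklists run against every transcript: disclosures that must appear and phrases that must not. The rules below are illustrative placeholders; actual FDCPA requirements must come from legal counsel, not a hackathon repo.

```python
# Illustrative rules only; real disclosure and prohibited-phrase lists
# are a legal/compliance deliverable.
REQUIRED_DISCLOSURES = [
    "this is an attempt to collect a debt",
    "any information obtained will be used for that purpose",
]
PROHIBITED = ["arrest", "lawsuit will be filed today"]

def audit_transcript(transcript: str) -> dict:
    t = transcript.lower()
    missing = [d for d in REQUIRED_DISCLOSURES if d not in t]
    violations = [p for p in PROHIBITED if p in t]
    return {
        "missing_disclosures": missing,
        "violations": violations,
        "compliant": not missing and not violations,
    }

result = audit_transcript(
    "Hello. This is an attempt to collect a debt. "
    "Any information obtained will be used for that purpose."
)
print(result["compliant"])  # True
```

Running this on the live transcript stream, rather than after the call, is what lets the agent self-correct before a violation lands in the audit log.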
The Problem (Simply Put)
Healthcare clinics, salons, repair services, and professional offices lose significant revenue to no-shows and scheduling inefficiencies. Front-desk staff spend hours on the phone managing bookings, rescheduling, and sending reminders. A voice AI agent that handles appointment management naturally over the phone can reclaim that time and reduce no-show rates.
Real-World Impact
No-shows cost the US healthcare system alone over $150 billion annually. Automated appointment reminders reduce no-shows by 30–40%, and voice-based scheduling eliminates the need for dedicated reception staff during peak hours, saving businesses $40K–$60K per year in labor costs.
What You'll Build
A voice AI agent that handles inbound and outbound appointment calls — scheduling new appointments, rescheduling existing ones, sending voice reminders, and confirming attendance. It integrates with calendar systems, understands natural date/time expressions, and handles multi-turn conversations with context awareness.
What Success Looks Like
A working demo where the agent books an appointment through natural conversation, checks calendar availability, confirms the booking, and sends a reminder call. Bonus points for handling rescheduling requests, waitlist management, and integration with Google Calendar or Outlook.
Getting Started Guide
Use Amazon Connect for telephony. Use Amazon Bedrock for natural language understanding and conversation management. Integrate with Amazon Lex for intent recognition and slot filling (dates, times, services). Use AWS Lambda to connect with external calendar APIs and manage booking state.
The Problem (Simply Put)
Traditional IVR systems frustrate customers with rigid menu trees and limited understanding. Meanwhile, human support agents spend 40% of their time looking up information in knowledge bases. A voice AI system powered by agentic RAG can understand customer issues naturally, retrieve relevant information in real-time, and resolve most queries without human intervention.
Real-World Impact
Contact centers handle billions of calls annually, with average handling times of 6–8 minutes and resolution rates of 70%. AI-powered voice support can reduce handling time by 50%, improve first-call resolution to 85%+, and operate 24/7 — dramatically reducing support costs while improving customer satisfaction.
What You'll Build
A voice AI system that handles inbound customer support calls using agentic RAG. It listens to customer issues, retrieves relevant information from knowledge bases and documentation, takes actions (checking order status, initiating returns, updating accounts), and seamlessly escalates to human agents when needed — with full context transfer.
What Success Looks Like
A working demo where the voice agent handles a customer support call, understands the issue, retrieves relevant knowledge base articles, resolves the query or takes an action, and provides a clear summary. Bonus points for context-aware escalation to human agents and post-call summarization.
Getting Started Guide
Use Amazon Connect for telephony and contact flow management. Use Amazon Bedrock Knowledge Bases for RAG over your support documentation. Use Amazon Bedrock Agents for agentic actions (order lookup, account updates). Leverage Amazon Transcribe for real-time speech-to-text and Amazon Polly for responses.
The Problem (Simply Put)
India has 1.4 billion people speaking 22 official languages and hundreds of dialects, yet most voice AI systems only work well in English. Rural and semi-urban users — who represent the next billion internet users — are locked out of voice-first services because existing systems cannot understand Hindi, Tamil, Telugu, Kannada, or code-mixed speech patterns.
Real-World Impact
Over 90% of India's internet users prefer consuming content in their local language. Voice commerce in India is projected to reach $40 billion by 2030. A multilingual voice AI system that truly understands Indian languages can unlock access to banking, healthcare, government services, and e-commerce for hundreds of millions of underserved users.
What You'll Build
A multilingual voice AI system optimized for Indian languages and dialects. It handles customer interactions in Hindi, Tamil, Telugu, Kannada, Bengali, and other regional languages — including code-mixed speech (Hinglish, Tanglish). The system detects the speaker's language automatically and responds in the same language with culturally appropriate responses.
What Success Looks Like
A working demo where the voice agent handles a customer interaction in at least 3 Indian languages, correctly detects language switches mid-conversation, and provides accurate responses. Bonus points for handling code-mixed speech, dialect variations, and culturally nuanced interactions.
Getting Started Guide
Use Amazon Transcribe for speech-to-text with Indian language support. Use Amazon Bedrock with multilingual models for understanding and response generation. Use Amazon Polly's Indian language voices for text-to-speech. Build a language detection layer that identifies the speaker's language and routes to the appropriate processing pipeline.
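A cheap first cut at the language detection layer is Unicode script counting: Devanagari, Tamil, Telugu, Kannada, and Bengali each occupy distinct script blocks, so counting which script dominates a transcript segment identifies the language, and a mix of Latin plus Devanagari is a code-mixing (Hinglish) signal. This name-fragment heuristic is a sketch, not a substitute for a proper language-ID model.

```python
import unicodedata

# Map Unicode script name fragments to language codes. A fragment
# match on each character's Unicode name is a cheap script detector.
SCRIPTS = {"DEVANAGARI": "hi", "TAMIL": "ta", "TELUGU": "te",
           "KANNADA": "kn", "BENGALI": "bn"}

def detect_script(text: str) -> str:
    counts: dict[str, int] = {}
    for ch in text:
        if ch.isalpha():
            name = unicodedata.name(ch, "")
            for script, lang in SCRIPTS.items():
                if script in name:
                    counts[lang] = counts.get(lang, 0) + 1
                    break
            else:
                counts["en"] = counts.get("en", 0) + 1  # assume Latin
    return max(counts, key=counts.get) if counts else "unknown"

print(detect_script("नमस्ते, मेरा ऑर्डर कहाँ है?"))  # hi
```

Running this per utterance (not per call) is what catches mid-conversation language switches.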
The Problem (Simply Put)
Regulated industries like finance, insurance, and healthcare require that voice calls follow strict compliance protocols — mandatory disclosures, prohibited phrases, consent verification, and proper identification. Today, compliance teams manually audit only 2–5% of calls, leaving the vast majority unchecked and creating significant regulatory risk.
Real-World Impact
Compliance violations in voice communications result in fines ranging from $10,000 to $1 million per incident. Financial institutions alone pay billions annually in compliance-related penalties. An AI auditor that monitors 100% of calls in real-time can catch violations before they become costly enforcement actions.
What You'll Build
An AI system that monitors and audits voice calls in real-time for regulatory compliance. It transcribes calls, analyzes them against configurable compliance rules (required disclosures, prohibited language, consent requirements), flags violations instantly, and generates detailed compliance reports with timestamps and severity ratings.
What Success Looks Like
A working demo where the system processes a sample call recording, identifies compliance violations (missing disclosures, prohibited phrases, consent gaps), generates a compliance scorecard with specific timestamps and violation details, and produces an audit-ready report. Bonus points for real-time alerting and trend analysis across multiple calls.
Getting Started Guide
Use Amazon Transcribe for real-time call transcription. Use Amazon Bedrock for compliance rule evaluation and natural language analysis. Use Amazon Comprehend for entity detection (names, account numbers, dates). Store audit results in Amazon S3 and DynamoDB, and build a compliance dashboard using Amazon QuickSight.
The Problem (Simply Put)
Startups and growing companies face a daunting compliance journey — from zero documentation to audit-ready status for frameworks like SOC 2, ISO 27001, or HIPAA. The process typically takes 6–12 months, costs $50K–$200K in consulting fees, and pulls engineering teams away from product work to write policies, collect evidence, and fill out spreadsheets.
Real-World Impact
Over 70% of enterprise deals require SOC 2 or equivalent compliance certification. Startups that delay compliance lose revenue opportunities and face longer sales cycles. An AI platform that automates the zero-to-audit journey can reduce compliance timelines from months to weeks and cut costs by 60–80%.
What You'll Build
A comprehensive AI platform that takes organizations from zero compliance documentation to audit-ready status. It auto-generates policies tailored to the organization's tech stack, continuously collects evidence from cloud infrastructure, performs automated gap analysis against target frameworks, and produces audit-ready documentation packages.
What Success Looks Like
A working demo where the platform scans a sample AWS environment, generates a compliance gap analysis for SOC 2, auto-creates at least 3 policies, collects evidence artifacts (CloudTrail logs, IAM configurations, encryption settings), and produces an audit-ready report. Bonus points for continuous monitoring and drift detection.
Getting Started Guide
Use Amazon Bedrock for policy generation and gap analysis reasoning. Use AWS Config and AWS CloudTrail for evidence collection. Use AWS Security Hub for security posture assessment. Store compliance artifacts in Amazon S3 with versioning. Build a dashboard that tracks compliance progress across framework controls.
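The gap analysis step can be prototyped against a resource snapshot before wiring in AWS Config. The snapshot shape and the three controls below are illustrative; a real platform maps each finding to specific SOC 2 Trust Services Criteria.

```python
# Hypothetical resource snapshot; in practice this comes from AWS Config.
snapshot = {
    "s3_buckets": [
        {"name": "logs", "encrypted": True, "public": False},
        {"name": "assets", "encrypted": False, "public": True},
    ],
    "cloudtrail_enabled": True,
    "mfa_enforced": False,
}

def gap_analysis(snap: dict) -> list[str]:
    """Check a snapshot against a few illustrative SOC 2-style controls."""
    gaps = []
    for b in snap["s3_buckets"]:
        if not b["encrypted"]:
            gaps.append(f"Bucket '{b['name']}' is unencrypted")
        if b["public"]:
            gaps.append(f"Bucket '{b['name']}' allows public access")
    if not snap["cloudtrail_enabled"]:
        gaps.append("CloudTrail is not enabled")
    if not snap["mfa_enforced"]:
        gaps.append("MFA is not enforced for IAM users")
    return gaps

print(len(gap_analysis(snapshot)))  # 3
```

Each gap then feeds two outputs: a policy the LLM drafts and an evidence query that proves the gap is closed, which is the continuous-monitoring loop the bonus points ask for.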
The Problem (Simply Put)
Every enterprise deal comes with a security questionnaire — sometimes hundreds of questions about your security practices, data handling, and compliance posture. Security teams spend 20–40 hours per questionnaire, answering the same questions repeatedly with slight variations, pulling information from scattered documents, policies, and previous responses.
Real-World Impact
Companies handling 50+ security questionnaires per year dedicate 1–2 full-time employees just to questionnaire responses. Slow turnaround delays deals and frustrates sales teams. An AI agent that auto-answers questionnaires from existing documentation can reduce response time from days to hours and free security teams for higher-value work.
What You'll Build
An AI agent that automatically answers security questionnaires (SOC 2, ISO 27001, CAIQ, vendor assessments) by pulling from existing documentation, policies, and previous responses. It ingests questionnaire formats, matches questions to relevant knowledge, generates accurate answers with confidence scores, and flags questions that need human review.
What Success Looks Like
A working demo where the agent ingests a sample security questionnaire, automatically answers at least 80% of questions by referencing uploaded policies and previous responses, provides confidence scores for each answer, and highlights questions requiring human review. Bonus points for learning from corrections and supporting multiple questionnaire formats.
Getting Started Guide
Use Amazon Bedrock Knowledge Bases to build a RAG system over security policies, compliance documents, and previous questionnaire responses. Use Amazon Bedrock for answer generation with confidence scoring. Parse questionnaire formats (Excel, PDF) using Amazon Textract. Store Q&A pairs in a vector database for continuous learning.
The Problem (Simply Put)
Regulatory landscapes change constantly — new laws, updated guidelines, enforcement actions, and industry standards emerge across multiple jurisdictions simultaneously. Compliance teams struggle to monitor all relevant sources, assess the impact of changes on their organization, and translate regulatory updates into actionable compliance tasks.
Real-World Impact
Organizations operating across multiple jurisdictions face an average of 200+ regulatory changes per day. Missing a critical regulatory update can result in fines, sanctions, or loss of operating licenses. An AI agent that continuously monitors and analyzes regulatory changes can reduce compliance response time from weeks to days.
What You'll Build
An AI agent that monitors regulatory changes across jurisdictions, analyzes their impact on the organization, and generates compliance action plans. It scrapes regulatory sources, classifies changes by relevance and urgency, maps them to existing compliance controls, and produces prioritized action items with deadlines and responsible parties.
What Success Looks Like
A working demo where the agent monitors sample regulatory feeds, identifies a relevant change, analyzes its impact on the organization's compliance posture, maps affected controls, and generates an action plan with specific tasks and timelines. Bonus points for multi-jurisdiction support and historical trend analysis.
Getting Started Guide
Use Amazon Bedrock for regulatory text analysis and impact assessment. Use AWS Lambda and Amazon EventBridge for scheduled monitoring of regulatory feeds. Store regulatory data in Amazon OpenSearch for full-text search. Use Amazon Bedrock Knowledge Bases to maintain context about the organization's existing compliance controls.
The Problem (Simply Put)
Internal audit teams spend the majority of their time on manual, repetitive tasks — collecting evidence from multiple systems, testing controls against checklists, documenting findings in standardized formats, and generating audit reports. This leaves little time for the high-value analytical work that actually improves organizational risk posture.
Real-World Impact
Internal audit departments typically cover only 40–60% of their audit universe annually due to resource constraints. Automating evidence collection and control testing can increase audit coverage by 2–3x, catch issues earlier, and reduce the time from finding to remediation — directly improving the organization's risk management effectiveness.
What You'll Build
An AI-powered workbench for internal auditors that automates evidence collection from cloud infrastructure and business systems, performs automated control testing against audit criteria, documents findings in standardized formats, and generates comprehensive audit reports — all while maintaining a complete audit trail.
What Success Looks Like
A working demo where the workbench connects to a sample AWS environment, automatically collects evidence for a set of audit controls (access management, encryption, logging), tests each control against defined criteria, documents findings with severity ratings, and generates an audit report. Bonus points for remediation tracking and trend analysis.
Getting Started Guide
Use AWS Config Rules and AWS CloudTrail for automated evidence collection. Use Amazon Bedrock for control testing logic and finding documentation. Use AWS Audit Manager as a reference for audit frameworks and controls. Store audit artifacts in Amazon S3 with versioning and generate reports using Amazon Bedrock's text generation capabilities.
RESOURCES
PLATFORM SIGNUP & FREE CREDITS GUIDE
Quick reference for signing up and getting free credits for hackathon platforms. Set up your accounts before the hackathon to hit the ground running.
AWS & Amazon Bedrock
Up to $200 in credits
Anthropic Direct API
Check console for offers
Deepgram
$200 free credits · ~700 hrs
SIGNUP → deepgram.com
No credit card required · Pricing: $0.0077/min (Nova-3)
Sarvam AI
Indic Languages
SIGNUP → sarvam.ai
Contact: api@sarvam.ai (mention hackathon/Indian languages)
Pipecat
Free · Open Source (MIT)
INSTALL → pip install pipecat-ai
No signup required — voice orchestration framework
Composio
Free Tier Available
MCP Servers
Free · Open Protocol
INSTALL → pip install mcp
No signup required — open source
Twilio
Free Trial · 5,000 hrs Flex Free
SIGNUP → twilio.com/try-twilio
Sign up → Get phone number → Get Account SID & Auth Token
Voice: $0.0085/min inbound, $0.014/min outbound · SMS: $0.0083/msg
⚠️ Important
- 🔑 Never commit API keys to git — use .env + .gitignore
- 💰 Set billing alerts at $10, $50, $100
- 🔄 Verify current offers — pricing changes frequently
- 🧹 Clean up resources after the hackathon